[apparmor] Exploring CI pipeline for integration tests of selectedfeatures

[Zygmunt Krynicki]

W dniu 15.11.2024 o 17:06 Zygmunt Krynicki pisze:
> Hi!
>
> I'm looking into adding or selecting tests to run at pull request time 
> that would run checks against new apparmor parser and a list of curated 
> kernels with the intent of capturing key use-cases relevant to snapd.
>

[snip]

> My initial plan is to start with a system that can use typical Debian, 
> Ubuntu vanilla Upstream kernels as the starting set. Details will be 
> fleshed out over time.

I've now opened a pull request https://gitlab.com/apparmor/apparmor/-/merge_requests/1432 which adds spread test suite running most of the existing tests that I could find, except for stress tests.

My next steps are to explore two separate efforts:

- Use spread support as a starting point to add dedicated tests that capture the interactions of mount-control interface.
- Integrate spread with gitlab continuous integration system, running a subset of tests to reach my self-defined 5-minute runtime limit.

I've also tested that with proper credentials all of those tests could also run in a google compute engine system similarly to how snapd is tested. I don't intend to do it but I wanted to have this as possibility because it can, at some point, be used to scale the test infrastructure to cover many tests, assuming they can run concurrently, quickly.

I am looking forward to your reviews.

Best regards
ZK